<?php



class important extends connector {

	function important() {
		$this->softbase(true);
	}

	function onmemberlist() {
		$this->powercheck(110, 109);
		parent::start_template();

		$MinPageid = $this->fun->accept('MinPageid', 'R');

		$page_id = $this->fun->accept('page_id', 'R');

		$countnum = $this->fun->accept('countnum', 'R');

		$MaxPerPage = $this->fun->accept('MaxPerPage', 'R');
		if (empty($MaxPerPage)) {
			$MaxPerPage = $this->CON['max_list'];
		}
		$db_where = " WHERE userid>0";
		$mcid = $this->fun->accept('mcid', 'R');
		if (!empty($mcid)) {
			$db_where.=' AND mcid=' . $mcid;
		}
		$source = $this->fun->accept('source', 'R');
		if (!empty($source)) {
			$db_where.=' AND source=' . $source;
		}
		$isclass = $this->fun->accept('isclass', 'R');
		if (!empty($isclass)) {
			if ($isclass == 2) $isclass = 0;
			$db_where.=' AND isclass=' . $isclass;
		}
		$country = $this->fun->accept('country', 'R');
		if (!empty($country)) {
			$db_where.=' AND country=' . $country;
		}
		$province = $this->fun->accept('province', 'R');
		if (!empty($province)) {
			$db_where.=' AND province=' . $province;
		}
		$city = $this->fun->accept('city', 'R');
		if (!empty($city)) {
			$db_where.=' AND city=' . $city;
		}
		$district = $this->fun->accept('district', 'R');
		if (!empty($district)) {
			$db_where.=' AND district=' . $district;
		}
		$serchekey = $this->fun->accept('serchekey', 'R');
		$keyname = $this->fun->accept('keyname', 'R');
		$keyname = empty($keyname) ? 'username' : $keyname;
		if (!empty($serchekey)) {
			$db_where.=" AND $keyname like '%$serchekey%'";
		}

		$limitkey = $this->fun->accept('limitkey', 'R');
		$limitkey = empty($limitkey) ? 'userid' : $limitkey;

		$limitclass = $this->fun->accept('limitclass', 'R');
		$limitclass = empty($limitclass) ? 'DESC' : $limitclass;

		$db_table = db_prefix . 'member';
		if (!empty($countnum)) {
			$countnum = $this->db_numrows($db_table, $db_where);
			exit($countnum);
		}
		$sql = 'SELECT * FROM ' . $db_table . $db_where . ' ORDER BY ' . $limitkey . ' ' . $limitclass . ' LIMIT ' . $MinPageid . ',' . $MaxPerPage;

		$rs = $this->db->query($sql);
		while ($rsList = $this->db->fetch_assoc($rs)) {
			$rankname = $this->get_member_purview($rsList['mcid'], 'rankname');
			$province = $this->get_cityview($rsList['province'], 'cityname');
			$city = $this->get_cityview($rsList['city'], 'cityname');
			$district = $this->get_cityview($rsList['district'], 'cityname');
			$rsList['rankname'] = $rankname;
			$rsList['province'] = $province;
			$rsList['city'] = $city;
			$rsList['district'] = $district;
			$array[] = $rsList;
		}
		$this->fun->setcookie($this->fun->noncefile() . 'pgid', $page_id, 600);
		$this->ectemplates->assign('array', $array);
		$this->ectemplates->assign('sql', $sql);
		$this->ectemplates->display('member/member_list');
	}

	function onsearch() {
		parent::start_template();
		$tab = $this->fun->accept('tab', 'R');
		$tab = empty($tab) ? 'true' : $tab;
		$memberpuv = $this->get_member_purview_array();
		$membersource = $this->get_member_source_array();
		$this->ectemplates->assign('membersource', $membersource['list']);
		$this->ectemplates->assign('memberpuvlist', $memberpuv['list']);
		$this->ectemplates->display("member/member_search");
	}
	
	function onexport() {
		parent::start_template();
		$tab = $this->fun->accept('tab', 'R');
		$tab = empty($tab) ? 'true' : $tab;
		
		$month = intval(date('m'));
		$year = intval(date('Y'));
		$membersource = $this->get_member_source_array();
		$this->ectemplates->assign('month', $month);
		$this->ectemplates->assign('year', $year);
		$this->ectemplates->assign('membersource', $membersource['list']);
		$this->ectemplates->display("member/member_export");
	}
	
	function onexportsave() {
		include_once admin_ROOT . 'public/class_export.php';
		$year = $this->fun->accept('year', 'P');
		$month = $this->fun->accept('month', 'P');
		$source = $this->fun->accept('source', 'P');
		
		$ordertime1 = strtotime("$year-$month-1");
		if($month == 12) {
			$ordertime2 = strtotime(($year+1)."-1-1");
		} else {
			$ordertime2 = strtotime($year."-".($month+1)."-1");
		}
		$db_table = db_prefix . 'member';
		$db_where = " userid=$source ";
		$arruser = $this->db->fetch_first("SELECT username,alias,email FROM $db_table WHERE $db_where");
		$filename = $year."-".$month."_".$arruser['username']."_orderlist";

		header ("Content-Type: application/vnd.ms-excel; charset=utf-8");
		header ("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
		header ("Last-Modified: " . gmdate("D,d M YH:i:s") . " GMT");
		header ("Cache-Control: no-cache, must-revalidate");
		header ("Pragma: no-cache");
		header ("Content-Disposition: attachment; filename=".$filename.".xls" );  
		header ("Content-Description: PHP/INTERBASE Generated Data" );
		
		$excel = new export();
		$excel->xlsBOF();
		
		$excel->xlsWriteLabel(0,0,iconv("utf-8","gb2312","业务员："));
		$excel->xlsWriteLabel(0,1,iconv("utf-8","gb2312",$arruser['username']));
		$excel->xlsWriteLabel(0,2,iconv("utf-8","gb2312","姓名："));
		$excel->xlsWriteLabel(0,3,iconv("utf-8","gb2312",$arruser['alias']));
		$excel->xlsWriteLabel(0,4,iconv("utf-8","gb2312","E-mail:"));
		$excel->xlsWriteLabel(0,5,iconv("utf-8","gb2312",$arruser['email']));
		$excel->xlsWriteLabel(1,0,"");
		
		$excel->xlsWriteLabel(2,0,iconv("utf-8","gb2312","会员ID"));
		$excel->xlsWriteLabel(2,1,iconv("utf-8","gb2312","会员名"));
		$excel->xlsWriteLabel(2,2,iconv("utf-8","gb2312","是否新客户"));
		$excel->xlsWriteLabel(2,3,iconv("utf-8","gb2312","订单号"));
		$excel->xlsWriteLabel(2,4,iconv("utf-8","gb2312","订单状态"));
		$excel->xlsWriteLabel(2,5,iconv("utf-8","gb2312","入店日期"));
		$excel->xlsWriteLabel(2,6,iconv("utf-8","gb2312","离店日期"));
		$excel->xlsWriteLabel(2,7,iconv("utf-8","gb2312","酒店名称"));
		$excel->xlsWriteLabel(2,8,iconv("utf-8","gb2312","客人"));
		$excel->xlsWriteLabel(2,9,iconv("utf-8","gb2312","房量"));
		$excel->xlsWriteLabel(2,10,iconv("utf-8","gb2312","总价"));

		$db_table2 = db_prefix . 'hotel_order';
		
		if($source) {
			$db_where2 = " `UserId` IN (SELECT `userid` FROM $db_table WHERE source =$source) ";
		} else {
			$db_where2 = " `UserId` IN (SELECT `userid` FROM $db_table WHERE source in(SELECT `userid` FROM $db_table WHERE mcid=99)) ";
		}
		
		$sql = "SELECT `UserId` , (
			SELECT `username` FROM $db_table 
			WHERE userid = `$db_table2`.UserId
		) AS UserName,`HotelOrderID` , `OrderState` , `OrderDatetime` , `HotelName` , `CheckInDate` , `CheckOutDate` , `Guest_Name` , `RoomAmount` , `TotalPrice`
		FROM $db_table2 WHERE $db_where2 AND OrderDatetime BETWEEN $ordertime1 AND $ordertime2";

		$rs = $this->db->query($sql);
		$i = 3;
		while ($rsList = $this->db->fetch_assoc($rs)) {
			$excel->xlsWriteLabel($i,0,$rsList['UserId']);
			$excel->xlsWriteLabel($i,1,iconv("utf-8","gb2312",$rsList['UserName']));
			$countnum = $this->db_numrows($db_table2, " WHERE UserId=".$rsList['UserId']." AND OrderState=8 AND OrderDatetime<".$rsList['OrderDatetime']);
			if(!$countnum) {
				$excel->xlsWriteLabel($i,2,iconv("utf-8","gb2312","是"));
			} else {
				$excel->xlsWriteLabel($i,2,iconv("utf-8","gb2312","否"));
			}
			$excel->xlsWriteLabel($i,3,iconv("utf-8","gb2312",$rsList['HotelOrderID']));
			$excel->xlsWriteLabel($i,4,iconv("utf-8","gb2312",$this->get_ordertype($rsList['OrderState'])));
			$excel->xlsWriteLabel($i,5,date('Y/m/d',$rsList['CheckInDate']));
			$excel->xlsWriteLabel($i,6,date('Y/m/d',$rsList['CheckOutDate']));
			$excel->xlsWriteLabel($i,7,iconv("utf-8","gb2312",$rsList['HotelName']));
			$excel->xlsWriteLabel($i,8,iconv("utf-8","gb2312",$rsList['Guest_Name']));
			$excel->xlsWriteLabel($i,9,$rsList['RoomAmount']);
			$excel->xlsWriteLabel($i,10,$rsList['TotalPrice']);
			$i++;
		}
		$excel->xlsEOF();
	}

	function onmemberadd() {
		parent::start_template();
		$tab = $this->fun->accept('tab', 'G');
		$tab = empty($tab) ? 'true' : $tab;
		$this->ectemplates->assign('tab', $tab);

		$attrread = $this->get_memberatt();
		$this->ectemplates->assign('attrread', $attrread);

		$memberpuv = $this->get_member_purview_array();
		$this->ectemplates->assign('memberpuvlist', $memberpuv['list']);
		$this->ectemplates->display('member/member_add');
	}

	function onmemberedit() {
		parent::start_template();
		$tab = $this->fun->accept('tab', 'G');
		$tab = empty($tab) ? 'true' : $tab;

		$userid = $this->fun->accept('userid', 'R');
		if (empty($userid)) exit('false');
		$db_table1 = db_prefix . 'member AS a';
		$db_table2 = db_prefix . 'member_value AS b';
		$db_sql = "SELECT a.*,b.mvid,b.value FROM $db_table1
			   LEFT JOIN $db_table2 ON a.userid = b.userid
			   WHERE a.userid = $userid ";
		$rsList = $this->db->fetch_first($db_sql);

		$attrread = $this->get_memberatt(false, true);
		if (!empty($rsList['value'])) {
			$value = unserialize($rsList['value']);
			unset($rsList['value']);
		}
		if (is_array($value)) {
			$attlist = $this->fun->array_merge($attrread, $value);
		} else {
			$attlist = $attrread;
		}
		$this->ectemplates->assign('attrread', $attlist);

		$memberpuv = $this->get_member_purview_array($rsList['mcid']);
		$this->ectemplates->assign('memberpuvlist', $memberpuv['list']);
		$this->ectemplates->assign('memread', $rsList);
		$this->ectemplates->assign('tab', $tab);
		$this->ectemplates->display('member/member_edit');
	}

	function onmembersave() {
		parent::start_template();

		$inputclass = $this->fun->accept('inputclass', 'P');
		$username = $this->fun->accept('username', 'P');
		$email = $this->fun->accept('email', 'P');
		$question = $this->fun->accept('question', 'P');
		$answer = $this->fun->accept('answer', 'P');
		$mcid = $this->fun->accept('mcid', 'P');
		$alias = $this->fun->accept('alias', 'P');
		$sex = $this->fun->accept('sex', 'P');
		$tel = $this->fun->accept('tel', 'P');
		$mobile = $this->fun->accept('mobile', 'P');
		$birthday = $this->fun->accept('birthday', 'P');
		$birthday = empty($birthday) ? 0 : $this->fun->formatdate($birthday, 4);
		$country = $this->fun->accept('cityone', 'P');
		$province = $this->fun->accept('citytwo', 'P');
		$city = $this->fun->accept('citythree', 'P');
		$district = $this->fun->accept('district', 'P');
		$address = $this->fun->accept('address', 'P');
		$zipcode = $this->fun->accept('zipcode', 'P');
		$zipcode = empty($zipcode) ? 0 : $zipcode;
		$msn = $this->fun->accept('msn', 'P');
		$qq = $this->fun->accept('qq', 'P');
		$qq = empty($qq) ? 0 : $qq;
		$memberatt = $this->fun->accept('memberatt', 'P');
		if (!preg_match("/^[^!@~`\'\"#\$\%\^&\*\(\)\+\-\{\}\[\]\|\\/\?\<\>\,\.\:\;]{2,16}$/i", $username)) {
			exit('false');
		}
		$db_table = db_prefix . 'member';
		$db_table2 = db_prefix . 'member_value';
		$date = time();
		if ($inputclass == 'add') {
			$this->powercheck(110, 118);
			$password = md5($this->fun->accept('password', 'P'));
			$password2 = $this->fun->accept('password', 'P');

			$isclass = $this->esp_inputclassid;
			$db_field = 'username,password,email,question,answer,sex,birthday,country,province,city,district,alias,address,zipcode,
				tel,mobile,qq,msn,integral,visitcount,lastip,addtime,lasttime,mcid,isclass';
			$db_values = "'$username','$password','$email','$question','$answer',$sex,$birthday,$country,$province,$city,$district,'$alias','$address',$zipcode,
				'$tel','$mobile',$qq,'$msn',0,0,0,$date,$date,$mcid,$isclass";
			$this->db->query('INSERT INTO ' . $db_table . ' (' . $db_field . ') VALUES (' . $db_values . ')');
			$insert_id = $this->db->insert_id();
			if (!empty($memberatt) && is_array($memberatt)) {

				$db_field = 'userid,value';
				$value = addslashes(serialize($memberatt));
				$db_values = "$insert_id,'$value'";
				$this->db->query('INSERT INTO ' . $db_table2 . ' (' . $db_field . ') VALUES (' . $db_values . ')');
			}

			
			$this->writelog($this->lng['membermain_add_log'], $this->lng['log_extra_ok'] . ' username=' . $username);
			exit('true');
		} elseif ($inputclass == 'edit') {
			$this->powercheck(110, 127);
			$password = $this->fun->accept('password', 'P');
			$password_uc = $this->fun->accept('password', 'P');
			$passwordold = $this->fun->accept('passwordold', 'P');
			$password = empty($password) ? $passwordold : md5($password);
			$userid = $this->fun->accept('userid', 'P');
			$db_where = 'userid=' . $userid;
			$db_set = "password='$password',email='$email',question='$question',answer='$answer',sex=$sex,birthday=$birthday,country=$country,province=$province,
				city=$city,district=$district,alias='$alias',address='$address',zipcode=$zipcode,tel='$tel',mobile='$mobile',qq=$qq,msn='$msn',mcid=$mcid";
			$this->db->query('UPDATE ' . $db_table . ' SET ' . $db_set . ' WHERE ' . $db_where);

			if (!empty($memberatt) && is_array($memberatt)) {

				$value = addslashes(serialize($memberatt));
				if ($this->checkdid($userid, 'member_value')) {
					$db_set = "value='$value'";
					$this->db->query('UPDATE ' . $db_table2 . ' SET ' . $db_set . ' WHERE ' . $db_where);
				} else {
					$db_field = 'userid,value';
					$db_values = "$userid,'$value'";
					$this->db->query('INSERT INTO ' . $db_table2 . ' (' . $db_field . ') VALUES (' . $db_values . ')');
				}
			}
			
			$this->writelog($this->lng['membermain_edit_log'], $this->lng['log_extra_ok'] . ' username=' . $username . ' userid=' . $userid);
			exit('true');
		}
	}

	function onpasswordrest() {
		$this->powercheck(5, 503);
		require admin_ROOT . adminfile . '/include/skintitle/skintitle_member.php';
		require admin_ROOT . '/public/uc_client/client.php';
		require admin_ROOT . adminfile . '/include/inc_member.php';
		parent::start_template();
		$this->load('dbuser', 'inc', 1);
		$db_table = db_prefix . 'member';
		$id = $this->accept('id', 'R');
		$username = $this->accept('username', 'R');
		$db_where = "id=$id";
		$newpassword = md5(888888);
		$db_set = "password='$newpassword'";

		if ($MEM['ucmemberclass']) {
			$datalist = uc_get_user($username);
			if ($datalist) {
				list($uid2, $username2, $email2) = $datalist;
				uc_user_edit($username, 888888, 888888, $email2, 1);
			}
		}
		$this->dbuser->db_update($db_table, $db_set, $db_where);
		$this->writelog($ST['TITLE_PASSWORD_LOGTITLE'], $ST['TITLE_LOG_OK'] . ' id=' . $id);
		exit('true');
	}

	function ondel() {
		$this->powercheck(110, 125);
		
		$db_table = db_prefix . 'member';
		$db_table2 = db_prefix . 'member_value';
		$selectinfoid = $this->fun->accept('memberselectinfoid', 'P');
		if (empty($selectinfoid)) exit('false');
		$infoarray = explode(',', $selectinfoid);
		$count = count($infoarray) - 1;
		if ($count <= 0) exit('false');
		for ($i = 0; $i < $count; $i++) {
			$db_where = "userid=$infoarray[$i]";

			$this->db->query('DELETE FROM ' . $db_table . ' WHERE ' . $db_where);
			$this->db->query('DELETE FROM ' . $db_table2 . ' WHERE ' . $db_where);
		}
		$this->writelog($this->lng['membermain_del_log'], $this->lng['log_extra_ok'] . ' id=' . $selectinfoid);
		exit('true');
	}

	function onsetting() {
		$this->powercheck(110, 127);
		$db_table = db_prefix . 'member';
		$selectinfoid = $this->fun->accept('memberselectinfoid', 'P');
		$selectinfoid = $selectinfoid . '0';
		if (empty($selectinfoid)) exit('false');
		$value = $this->fun->accept('value', 'P');
		$dbname = $this->fun->accept('dbname', 'P');
		$db_set = "$dbname=$value";
		$db_where = "userid IN ( $selectinfoid )";
		$this->db->query('UPDATE ' . $db_table . ' SET ' . $db_set . ' WHERE ' . $db_where);
		$this->writelog($this->lng['membermain_setting_log'], $this->lng['log_extra_ok'] . ' id=' . $selectinfoid);
		exit('true');
	}

	function oncheckmemberuser() {
		$username = $this->fun->accept('username', 'R');
		$mem_lock = $this->CON['mem_lock'];
		if (!empty($mem_lock)) {
			$mem_lockarray = explode(',', $mem_lock);
			if (in_array($username, $mem_lockarray)) {
				exit('false');
			}
		}
		$db_table = db_prefix . 'member';
		$db_where = " WHERE username='$username'";
		$countnum = $this->db_numrows($db_table, $db_where);
		if ($countnum > 0) {
			$exportAjax = 'false';
		} else {
			$exportAjax = 'true';
		}
		exit($exportAjax);
	}

	function checkdid($did, $dbname) {
		$db_table = db_prefix . $dbname;
		$db_where = " WHERE userid='$did'";
		$countnum = $this->db_numrows($db_table, $db_where);
		if ($countnum > 0) {
			return true;
		} else {
			return false;
		}
	}

}
?>